Archive
Guofei Gu
Roberto Perdisci
Roberto Perdisci
- Distinguished Paper – "Protecting Your Voice from Speech Synthesis Attacks"
- Distinguished Paper – "SePanner: Analyzing Semantics of Controller Variables in Industrial Control Systems based on Network Traffic"
- Distinguished Paper with Artifacts – "Artemis: Defanging Software Supply Chain Attacks in Multi-repository Update Systems"
- Distinguished Paper with Artifacts – "Remote Attestation of Confidential VMs Using Ephemeral vTPMs"
- Best Poster – "Emergent (In)Security of Multi-Cloud Environments"
- Best Poster – "Sound Bytes: From Memory to Audio Signals for Industrial Control Systems' Defense"
- Test of Time
- Cybersecurity Artifacts Competition and Impact Award (1st Place) – "angr: A Powerful and User-friendly Binary Analysis Platform"
- Cybersecurity Artifacts Competition and Impact Award (2nd Place) – "SGX-Step: An Open-Source Framework for Precise Dissection and Practical Exploitation of Intel SGX Enclaves"
- Nicholas Carlini, Research Scientist, Google DeepMind
"Computer Security in the Age of Large Language Models"
Guofei Gu
Gabriela Ciocarlie
Gabriela Ciocarlie
- Distinguished Paper – "BayesImposter: Bayesian Estimation Based .bss Imposter Attack on Industrial Control Systems"
- Distinguished Paper – "Making Memory Account Accountable: Analyzing and Detecting Memory Missing-account bugs for Container Platforms"
- Distinguished Paper with Artifacts – "Assessing Model-free Anomaly Detection in Industrial Control Systems Against Generic Concealment Attacks"
- Best Poster – "One Fuzz Doesn't Fit All: Optimizing Directed Fuzzing via Target-tailored Program State Restriction"
- Best Poster – "Automated WebAssembly Function Purpose Identification"
- Test of Time
- Cybersecurity Artifacts Competition Impactful System Award – "Tripwire: Integrity Scanning as Intrusion Detection"
- Cybersecurity Artifacts Competition Impactful Dataset Award – "Tranco: A Research-Oriented Top Sites Ranking Hardened Against Manipulation"
- Suman Jana, Associate Professor, Columbia University
"Automated Data-driven Binary Analysis for Security"
Kevin Butler
Heng Yin
Heng Yin
- Distinguished Paper – "Two Souls in an Adversarial Image: Towards Universal Adversarial Example Detection using Multi-view Inconsistency"
- Distinguished Paper with Artifacts – "Repack Me If You Can: An Anti-Repackaging Solution based on Android Virtualization"
- Distinguished Paper with Artifacts – "argXtract: Deriving IoT Security Configurations via Automated Static Analysis of Stripped ARM Cortex-M Binaries"
- Test of Time
- Michelle Mazurek, Associate Professor, University of Maryland
"Wait, there are people here? Using HCI methods to answer impactful security and privacy questions"
Kevin Butler
Daphne Yao
Daphne Yao
- Distinguished Paper – "Measuring the Effectiveness of Privacy Policies for Voice Assistant Applications"
- Distinguished Paper – "Betrayed by the Guardian: Security and Privacy Risks of Parental Control Solutions"
- Distinguished Paper with Artifacts – "SAIBERSOC: Synthetic Attack Injection to Benchmark and Evaluate the Performance of Security Operation Centers"
- Distinguished Paper with Artifacts – "Faulty Point Unit: ABI Poisoning Attacks on Intel SGX"
- Test of Time
- Distinguished Practitioner – Emily Stark, Tech Lead and Manager, Chrome Security Team, Google
"When Security Meets Compatibility"
David Balenson
Guofei Gu
Guofei Gu
- Distinguished Paper – "Opening Pandora's Box through ATFuzzer: Dynamic Analysis of AT Interface for Android Smartphones"
- Distinguished Paper – "Premadoma: An Operational Solution for DNS Registries to Prevent Malicious Domain Registrations"
- Test of Time
- Distinguished Practitioner – Carrie Gates, Senior Vice President, Global Information Security, Bank of America
"Can You Get That to Me Soon? Lessons Learned from Life in Industry Research" - Distinguished Practitioner – Patrick Traynor, Professor, University of Florida
"Why Your Tech Transition Will Probably Fail (And Why You Should Do It Anyway)"
David Balenson
Juan Caballero
Juan Caballero
- Distinguished Paper – "Hiding in the Shadows: Empowering ARM for Stealthy Virtual Machine Introspection"
- Distinguished Paper – "Tracking Users across the Web via TLS Session Resumption"
- Distinguished Practitioner – Michelle Dennedy, Vice President and Chief Privacy Officer, Cisco
"Why Privacy Engineering Matters Now" - Alina Oprea, Professor of Computer Science, Northeastern University
"AI in Cybersecurity: Applications, Open Problems, and Future Directions"
David Balenson
Davide Balzarotti
Davide Balzarotti
- Distinguished Paper – "Kakute: A Precise, Unified Information Flow Analysis System for Big-data Security"
- Distinguished Paper – "Supporting Transparent Snapshot for Bare-metal Malware Analysis on Mobile Devices"
- Distinguished Practitioner – Raffael Marty, VP Security Analytics, Sophos
"Delivering Security Insights with Data Analytics and Visualization" - Invited Essayist – Christian Collberg, Professor of Computer Science, University of Arizona
"Dare to Share: Risks and Rewards of Artifact Sharing in Computer Science"
Stephen Schwab
Wil Robertson
Wil Robertson
- Outstanding Paper – "Code Obfuscation Against Symbolic Execution Attacks"
- Outstanding Student Paper – "A Security Analysis of Automated Chinese Turing Tests"
- Distinguished Practitioner – Dr. Paul Vixie, CEO, Farsight Security
"Scaling Properties of Software and System Security" - Invited Essayist – Dr. Úlfar Erlingsson, Manager of Security Research, Google
"Software Security in the Real World"
Stephen Schwab
Micah Sherr
Micah Sherr
- Outstanding Paper – "ErsatzPasswords: Ending Password Cracking and Detecting Password Leakage"
- Outstanding Student Paper – "ShrinkWrap: VTable protection without loose ends"
- Invited Essayist – Dr. Jeannette Wing, Corporate Vice President, Microsoft Research
"CyberPhysical Meets CyberTrust" - Distinguished Practitioners – Benjamin Price and Michael Zhivich, MIT Lincoln Laboratory
"Creating a League of Extra-Ordinary Machines"
Charlie Payne
Kevin Butler
Kevin Butler
- Outstanding Paper – "Using Automatic Speech Recognition for Attacking Acoustic CAPTCHAs: The Trade-off between Usability and Security"
- Outstanding Student Paper – "IMSI-Catch Me If You Can: IMSI-Catcher-Catchers"
- Distinguished Practitioner Panel – W. Olin Sibert, Professor Roger R. Schell, Tom Van Vleck, and Steven B. Lipner
"The Multicians" - Invited Essayist – Aviel D. Rubin, Johns Hopkins University
"Taking Two-Factor to the Next Level: Protecting Online Poker, Banking, Healthcare and Other Applications"
Charlie Payne
Patrick Traynor
Patrick Traynor
- Outstanding Paper – "PRIME: Private RSA Infrastructure for Memory-less Encryption"
- Outstanding Student Paper – "Implementation and Implications of a Stealth Hard-Drive Backdoor"
- Distinguished Practitioner – William Young and Nancy Leveson, MIT
"Applying Systems Thinking to Security and Safety" - Invited Essayist – Dr. Carl E. Landwehr, Cyber Security Policy and Research Institute, George Washington University
"A Building Code for Building Code: Putting What We Know Works to Work"
Robert H'obbes' Zakon
Michael Locasto
Michael Locasto
- Outstanding Paper – "Generalized Vulnerability Extrapolation using Abstract Syntax Trees"
- Outstanding Student Paper – "Securing Untrusted Code via Compiler-Agnostic Binary Rewriting"
- Distinguished Practitioner – Ron Ross, Fellow, National Institute of Standards and Technology
"Opening up a Second Front on Risk Management: Integrating Cyber Security Requirements into Main Stream Organizational Mission and Business Processes" - Invited Essayist – Susan Alexander, Director, Safe and Secure Operations, IARPA
"Trust Engineering — Rejecting the Tyranny of the Weakest Link" - Classic Book – Ross Anderson, Author and Professor, University of Cambridge, UK
"Security Economics - A Personal Perspective" - Industry – Eran Feigenbaum, Director of Security, Google
"Is Cloud Computing the End of Security and Privacy As We Know It?"
Robert H'obbes' Zakon
John McDermott
John McDermott
- Outstanding Paper – "The Socialbot Network: When Bots Socialize for Fame and Money"
- Outstanding Student Paper – "Distilling Critical Attack Graph Surface iteratively through Minimum-Cost SAT Solving"
- Distinguished Practitioner – Susan Landau, Visiting Scholar, Computer Science, Harvard University
"Privacy: It's All in the Use Case" - Invited Essayist – Terry Benzel, USC Information Sciences Institute
"The Science of Cyber Security Experimentation: The DETER Project" - Classic Paper – Paul Syverson, US Naval Research Laboratory
"A Peel of Onion" - Classic Paper – Matt Blaze, University of Pennsylvania
"Key Escrow from a Safe Distance"
Carrie Gates
Michael Franz
Michael Franz
- Outstanding Paper – "A Quantitative Analysis of The Insecurity of Embedded Network Devices: Results of a Wide-area Scan"
- Outstanding Student Paper – "Detecting Spammers On Social Networks"
- Distinguished Practitioner – Douglas Maughan, U.S. Department of Homeland Security
"Putting Basic Research To Work" - Invited Essayist – Thomas Longstaff, Johns Hopkins University Applied Physics Laboratory
"Barriers to Science in Security" - Classic Paper – Giovanni Vigna, UC Santa Barbara
"Network Intrusion Detection: Dead or Alive?" - Classic Paper – William Cheswick, AT&T Labs—Research
"Back to Berferd"
Carrie Gates
Charlie Payne
Charlie Payne
- Outstanding Paper – "Semantically Rich Application-Centric Security in Android"
- Outstanding Student Paper – "Analyzing Information Flow in JavaScript-based Browser Extensions"
- Distinguished Practitioner – Lorrie Faith Cranor, Carnegie Mellon University
"Users do the darndest things: True stories from the CyLab Usable Privacy and Security Laboratory" - Invited Essayist – Mary Ann Davidson, Oracle
"The Good, The Bad, And The Ugly: Stepping on the Security Scale" - Classic Paper – Matt Bishop, UC Davis
"Reflections on UNIX Vulnerabilities" - Classic Paper – Li Gong, Mozilla Online Ltd., China
"Java Security: A Ten Year Retrospective" - Luncheon – Peter Neumann, SRI
"Risk Futures: Who (or What) May Be Eating Your Lunch?"
Cristina Serban
Pierangela Samarati
Pierangela Samarati
- Outstanding Paper – "Soft-Timer Driven Transient Kernel Control Flow Attacks and Defense"
- Outstanding Student Paper – "Automatic Inference and Enforcement of Kernel Data Structure Invariants"
- Distinguished Practitioner – Whitfield Diffie, Chief Security Officer, Sun Microsystems
"Insecurity in a Web-Services World" - Invited Essayist – O. Sami Saydjari, CEO, Cyber Defense Agency LLC
"Structuring for Strategic Cyber Defense: A Cyber Manhattan Project Blueprint " - Classic Paper – Barbara Y. Fraser and Stephen D. Crocker, Cisco Systems and Shinkuro, Inc.
"Seventeen Years -- Network Security is even worse than a plague of locusts" - Classic Paper – Stephanie Forrest, University of New Mexico
"System-call Monitoring Revisited"
Cristina Serban
Pierangela Samarati
Pierangela Samarati
- Outstanding Paper – "Tracking Darkports for Network Defense"
- Outstanding Student Paper – "Automated Vulnerability Analysis: Leveraging Control Flow for Evolutionary Input Crafting"
- Distinguished Practitioner – Dr. Richard Kemmerer, University of California, Santa Barbara
"So You Think You Can Dance?" - Invited Essayist – Tom Haigh, Adventium Labs
" Personal privacy without computational obscurity: Rethinking privacy protection strategies for open information networks" - Classic Paper – John Rushby, SRI International
" Distributed Secure Systems: Then and Now "
Dan Thomsen
Christoph Schuba
Christoph Schuba
- Outstanding Paper – "Backtracking Algorithmic Complexity Attacks Against a NIDS"
- Outstanding Student Paper – "From Languages to Systems: Understanding Practical Application Development in Security-typed Languages"
- NIST/NSA National Computer Systems Security Award – "Steven M. Bellovin"
- Distinguished Practitioner – Dr. Dixie Baker, SAIC
"Privacy and Security in Public Health: Maintaining the Delicate Balance between Personal Privacy and Population Safety" - Invited Essayist – Brian Witten, Symantec Corporation
"Engineering Sufficiently Secure Computing" - Classic Paper – Jeremy Epstein, webMethods, Inc.
"Fifteen Years after TX: A Look Back at High Assurance Multi-Level Secure Windowing" - Classic Paper – Peter G. Neumann, SRI International Computer Science Lab
"Risks of Untrustworthiness"
Dan Thomsen
Christoph Schuba
Christoph Schuba
- Outstanding Paper – "Automated and Safe Vulnerability Assessment"
- Outstanding Student Paper – "Model Checking An Entire Linux Distribution for Security Violations"
- National Information Systems Security Award – "Virgil Gligor"
- Distinguished Practitioner – Brian Snow, U.S. National Security Agency
" We Need Assurance!" - Invited Essayist – Mary Ellen Zurko, IBM Corporation
"User-Centered Security: Stepping Up to the Grand Challenge" - Classic Paper – David Elliott Bell
"Looking Back on the Bell-LaPadula Model" - Classic Paper – Myong H. Kang, Ira S. Moskowitz, and Stanley Chincheck, U.S. Naval Research Laboratory
"The Pump: A Decade of Covert Fun"
Daniel Faigin
Daniel Thomsen
Daniel Thomsen
- Outstanding Paper and Student Paper – "Automatic Generation and Analysis of NIDS Attacks"
- Distinguished Practitioner – Steven B. Lipner, Director of Security Engineering Strategy, Microsoft
"Practical Assurance: Evolution of a Security Development Lifecycle" - Invited Essayist – Rebecca Mercuri
"Transparency and Trust in Computational Systems" - Classic Paper – Marv Schaefer presented by Paul Karger, IBM
"If A1 is the Answer, What was the Question? An Edgy Naïf's Retrospective on Promulgating the Trusted Computer Systems Evaluation Criteria" - Classic Paper – Steven M. Bellovin, AT&T Labs - Research
"A Look Back at "Security Problems in the TCP/IP Protocol Suite""
Daniel Faigin
Louanna Notargiacomo
Louanna Notargiacomo
- Outstanding Paper – "Isolated Program Execution: An Application Transparent Approach for Executing Untrusted Programs"
- Outstanding Student Paper – "Intrusion Detection: A Bio-Informatics Approach"
- Distinguished Practitioner – Clark Weissman, Information Assurance/Multilevel Security (IA/MLS) Head, Northrop Grumman, Information Systems
"MLS-PCA: A High Assurance Security Architecture for Future Avionics" - Invited Essayist – Lance Spitzner
"Honeypots: Catching the Insider Threat"
Daniel Faigin
Louanna Notargiacomo
Louanna Notargiacomo
- Outstanding Paper – "Throttling Viruses: Restricting propagation to defeat malicious mobile code"
- Outstanding Student Paper – "Controlled Physical Random Functions"
- Distinguished Practitioner – Earl Boebert, Senior Scientist, Sandia National Laboratories
"The Common Sense of System Design" - Invited Essayist – Dr. Daniel Geer, @stake
"Penetration Testing: The Science of Insecurity"
Daniel Faigin
Jeremy Epstein
Jeremy Epstein
- Outstanding Paper – "Genoa TIE, Advanced Boundary Controller Experiment"
- Case Study Presentation – "How Not to Configure Your Firewall: A Field Guide to Common Firewall Misconfigurations"
- Distinguished Practitioner – Dr. Robert Blakley, Senior Scientist, Tivoli Systems Inc., an IBM company
"Castles in the Sand" - Invited Essayist – Dr. Roger R. Schell, President, Aesec
"Information Security: The State of Science, Pseudoscience, and Flying Pigs"
Dee Akers
Jeremy Epstein
Jeremy Epstein
- Outstanding Paper – "ITS4: A Static Vulnerability Scanner for C and C++ Code"
- Outstanding Student Paper – "The Chinese Remainder Theorem and its Application in a High-Speed RSA Crypto-Chip"
- Distinguished Lecturer – Dr. Eugene H. Spafford, Purdue University
"Musings on Disclosure & Vulnerabilities" - Invited Essayist – Butler Lampson, Microsoft Corporation and MIT
"Computer Security in the Real World"
Dee Akers
Klaus Keus
Klaus Keus
- Outstanding Paper – "Adding Availability To Log Services Of Untrusted Machines"
- Lieutenant General Michael V. Hayden, Director, National Security Agency
- Distinguished Lecturer – Ross Anderson, University of Cambridge Computer Laboratory
Dee Akers
Klaus Keus
Klaus Keus
- Outstanding Paper – "NetSTAT: A Network-based Intrusion Detection Approach"
- Donald Rothwell, Motorola
- Distinguished Practitioner – Howard E. Glavin, Jr., CSX Technology
Dr. Gary Smith
Dr. Ron Ross
Dr. Ron Ross
- Distinguished Lecturer – Marcus J. Ranum, V-ONE, Inc.
"Security on Internet Time"
Dr. Gary Smith
Dr. Ravi Sandhu
Dr. Ravi Sandhu
- Jim Flyzik, U.S. Department of the Treasury
- Distinguished Lecturer – Dr. Roger Schell , Novell, Inc.
Ann Marmor-Squires
Dr. Gary Smith
Dr. Gary Smith
- Paul Strassmann, SAIC
- Distinguished Lecturer – Bob Courtney, Robert Courtney Co.
Ron Gove
Ann Marmor-Squires
Ann Marmor-Squires
- Robert Ayers, Director, Center for Information Systems Security, Defense Information Systems Agency
- Distringuished Lecturer – H. O. Lubbes
"COMPUSEC, A Personal View"
Ron Gove
Ann Marmor-Squires
Ann Marmor-Squires
- Daniel J. Ryan, Executive Assistant for Information Systems Security to the Deputy Assistant Secretary of Defense, U.S. Department of Defense
- Distringuished Lecturer – James P. Anderson, James P. Anderson Co
"Myths and Mythtakes of Computer Security"
Ron Gove
Ann Marmor-Squires
Ann Marmor-Squires
- Outstanding Student Paper – "Security Modeling Using Hierarchical State Machines"
- Major General G. W. O'Shaughnesy, Commander Air Force Intelligence Command, U.S. Department of Defense
- Distringuished Lecturer – Dr. Willis H. Ware, Rand Corporation
"National Policy Issues in Computer Security"
Marshall Abrams
Ron Gove
Ron Gove
- Ralph V. Carlone, U.S. General Accounting Office
- Distringuished Lecturer – Dr. Dorothy Denning, Digital Equipment Corporation
"The Data Encryption Standard; Fifteen Years of Public Scrutiny"
Marshall Abrams
Ron Gove
Ron Gove
- Senator Dennis DeConcini
- Distinguished Lecturer – Steven T. Walker, President, Trusted Information Systems
"INFOSEC: How Far We Have Come! How Far Can We Go?"
Dr. Marshall Abrams
Dr. William Bisignani
Dr. William Bisignani
- John J. Lane, Vice President, Computer Sciences Corporation
Steve Walker
- Donald C. Latham, ASD(C3I), U.S. Department of Defense
- Luncheon – Carl Hammer, Ph.D.
"Beyond the Data Processing Horizon"
Dr. William Bisignani
Frederick G. Tompkins
Frederick G. Tompkins
- Congressman Dan Glickman
- Distinguished Lecturer – Thomas P. Quinn, ASD(C3I), U.S. Department of Defense